CVSS: 9.8EPSS: 6%CPEs: 15EXPL: 1CVE-2012-5468
https://notcve.org/view.php?id=CVE-2012-5468
18 Dec 2012 — Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an email containing a base64 string that is decoded to incomplete multibyte characters. Desbordamiento de búfer en memoria dinámica en iconvert.c en el componente bogolexer en Bogofilter anteriores a v1.2.3 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitr... • http://bogofilter.sourceforge.net/security/bogofilter-SA-2012-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 4%CPEs: 14EXPL: 0CVE-2010-2494
https://notcve.org/view.php?id=CVE-2010-2494
08 Jul 2010 — Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption and application crash) via an e-mail message with invalid base64 data that begins with an = (equals) character. Múltiples desbordamientos inferiores de búfer en el decodificador base64 en base64.c en (1) bogofilter y (2) bogolexer en bogofilter anterior a v1.2.2 permite a atacantes remotos provocar una denegaci... • http://bogofilter.sourceforge.net/security/bogofilter-SA-2010-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 5EXPL: 0CVE-2005-4591
https://notcve.org/view.php?id=CVE-2005-4591
31 Dec 2005 — Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "invalid input sequences" that lead to heap corruption when bogofilter or bogolexer converts character sets. • http://bogofilter.sourceforge.net/security/bogofilter-SA-2005-01 •
CVSS: 9.8EPSS: 4%CPEs: 5EXPL: 0CVE-2005-4592
https://notcve.org/view.php?id=CVE-2005-4592
31 Dec 2005 — Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via words that are longer than the input buffer used by flex. • http://bogofilter.sourceforge.net/security/bogofilter-SA-2005-02 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2004-1007
https://notcve.org/view.php?id=CVE-2004-1007
04 Nov 2004 — The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address. • http://bogofilter.sourceforge.net/security/bogofilter-SA-2004-01 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2002-2267
https://notcve.org/view.php?id=CVE-2002-2267
31 Dec 2002 — bogopass in bogofilter 0.9.0.4 allows local users to overwrite arbitrary files via a symlink attack on the bogopass temporary file. • http://archives.neohapsis.com/archives/bugtraq/2002-11/0367.html •